• Tenable
  • CVEs
  • Settings
    Links
    Tenable.io Tenable Community & Support Tenable University
    Severity
    Theme
  • Tenable
  • Links
  • Tenable.io
  • Tenable Community & Support
  • Tenable University
  • Settings
  • Severity
  • Theme
  • Newest
  • Updated
  • Search
  • Newest
  • Updated
  • Search
  1. CVEs
  2. CVE-2022-42721
  1. CVEs

CVE-2022-42721

medium
  • Information
  • CPEs
  • Plugins

Description

A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.

References

https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=bcca852027e5878aec911a347407ecc88d6fff7f

https://bugzilla.suse.com/show_bug.cgi?id=1204060

http://www.openwall.com/lists/oss-security/2022/10/13/5

https://lists.fedoraproject.org/archives/list/[email protected]/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/

https://lists.fedoraproject.org/archives/list/[email protected]/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/

https://lists.fedoraproject.org/archives/list/[email protected]/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/

https://www.debian.org/security/2022/dsa-5257

https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html

http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html

https://security.netapp.com/advisory/ntap-20230203-0008/

Details

Source: MITRE

Published: 2022-10-14

Updated: 2023-02-03

Type: CWE-835

  • Tenable.com
  • Community & Support
  • Documentation
  • Education
  • © 2023 Tenable®, Inc. All Rights Reserved
  • Privacy Policy
  • Legal
  • 508 Compliance